{"id":64804,"date":"2025-06-10T11:32:29","date_gmt":"2025-06-10T08:02:29","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-4954-axle-demo-importer-wordpress-file-upload-vulnerability\/"},"modified":"2025-06-10T11:32:29","modified_gmt":"2025-06-10T08:02:29","slug":"cve-2025-4954-axle-demo-importer-wordpress-file-upload-vulnerability","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-4954-axle-demo-importer-wordpress-file-upload-vulnerability\/","title":{"rendered":"CVE-2025-4954 &#8211; Axle Demo Importer WordPress File Upload Vulnerability"},"content":{"rendered":"<p><strong>CVE ID : <\/strong>CVE-2025-4954<br \/>\n<br \/>\n<strong>Published : <\/strong> June 10, 2025, 6:15 a.m. | 44\u00a0minutes ago<br \/>\n<br \/>\n<strong>Description : <\/strong>The Axle Demo Importer WordPress plugin through 1.0.3 does not validate files to be uploaded, which could allow authenticated users (author and above) to upload arbitrary files such as PHP on the server<br \/>\n<br \/>\n<strong>Severity:<\/strong> 0.0 | NA<br \/>\n<br \/>\nVisit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-4954 Published : June 10, 2025, 6:15 a.m. | 44\u00a0minutes ago Description : The Axle Demo Importer WordPress plugin through 1.0.3 does not validate files to be uploaded, which could allow authenticated users (author and above) to upload arbitrary files such as PHP on the server Severity: 0.0 | NA Visit the [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-64804","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/64804","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=64804"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/64804\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=64804"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=64804"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=64804"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}